CVE-2016-9933

high

Description

Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefilltoborder call that triggers use of a negative color value.

References

https://github.com/php/php-src/commit/863d37ea66d5c960db08d6f4a2cbd2518f0f80d1

https://github.com/libgd/libgd/issues/215

https://github.com/libgd/libgd/commit/77f619d48259383628c3ec4654b1ad578e9eb40e

https://bugs.php.net/bug.php?id=72696

https://access.redhat.com/errata/RHSA-2018:1296

http://www.securityfocus.com/bid/94865

http://www.php.net/ChangeLog-7.php

http://www.php.net/ChangeLog-5.php

http://www.openwall.com/lists/oss-security/2016/12/12/2

http://www.debian.org/security/2017/dsa-3751

http://lists.opensuse.org/opensuse-updates/2017-01/msg00054.html

http://lists.opensuse.org/opensuse-updates/2017-01/msg00034.html

http://lists.opensuse.org/opensuse-updates/2017-01/msg00002.html

http://lists.opensuse.org/opensuse-updates/2016-12/msg00142.html

http://lists.opensuse.org/opensuse-updates/2016-12/msg00133.html

Details

Source: Mitre, NVD

Published: 2017-01-04

Updated: 2018-05-04

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High